<?php

     // Resume the PHP session before anything else runs.
     session_start();
     // Shared bootstrap. Nothing in this file defines $DB, $SF, $Smarty, $db_prefix,
     // $member_permission, $member_row or $groupper_row, so they presumably come from here — confirm.
     include 'common.php';

    if (session_is_registered(MySBB_Admin_username) and $member_permission == 1)
    {

// **  **

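         // Authorization gate for this panel: the current member's group row must carry
         // admincp_admin == 1. A missing key compares unequal to 1, so the gate also
         // rejects when the permission row was not loaded.
         if ($groupper_row['admincp_admin'] != 1)
         {
             $SF->error('المعذره .. هذه الميزه غير متاحه لك !');
             // Fail closed: $SF->error() is defined outside this file, so whether it halts
             // the request cannot be seen here. The explicit exit guarantees that none of
             // the moderator-management handlers below run for a member without the permission.
             exit;
         }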

// **  **

         if ($_GET['add'] == 1)
         {
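             // Render the "add moderator" form (admin.php?add=1&index=1).
             if ($_GET['index'] == 1)
             {

                 # Sections offered in the form: every section row whose main_section is not '1'
                 $section_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE main_section<>'1' ORDER BY sort ASC");

                 $sections_row = array();
                 while ($section_row = $DB->sql_fetch_array($section_query))
                 {
                     $sections_row[] = $section_row;
                 }
                 // Assigned once, after the loop, so the template variable also exists when the query returns no rows
                 $Smarty->assign('sections_row',$sections_row);

                 # Groups offered in the form: rows of the group table with group_mod='1'
                 $getmod_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE group_mod='1' ORDER BY id DESC");

                 $getmod_rows = array();
                 while ($getmod_row = $DB->sql_fetch_array($getmod_query))
                 {
                     $getmod_rows[] = $getmod_row;
                 }
                 $Smarty->assign('getmod_rows',$getmod_rows);

                 // The breadcrumb is passed as markup; here it is a fixed string with no request data in it
                 $SF->Make_cplink_path('<a href="admin.php?main=1">المشرفين</a> -> اضافة مشرف');
                 // NOTE(review): complete rows are handed to the template; output escaping depends on
                 // admin_add.tpl, which is not visible from this file.
                 $Smarty->display('admin_add.tpl');
             }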

#=======================================================================================

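             // Handle the submitted "add moderator" form (admin.php?add=1&start=1).
             // POST fields as used below: D1 = member id, D2 = section id, mod_group = group id the
             // member is moved into, D3 = 1 to also set a "moderator of <section>" user title.
             // NOTE(review): nothing in this handler checks an anti-CSRF token or the request method,
             // so this privilege-granting action relies on whatever common.php enforces — confirm.
             // NOTE(review): mod_group is accepted as any non-zero integer, while the form only lists
             // groups with group_mod='1'; confirm whether that restriction should be re-checked here.
             if ($_GET['start'] == 1)
             {
                 // Cast the identifiers once so the checks test the same integers the queries use.
                 // Comparing the raw strings let a value such as "0.5" pass the "== 0" test and
                 // then reach the queries as 0 after intval().
                 $new_mod_member_id  = isset($_POST['D1']) ? intval($_POST['D1']) : 0;
                 $new_mod_section_id = isset($_POST['D2']) ? intval($_POST['D2']) : 0;
                 $new_mod_group_id   = isset($_POST['mod_group']) ? intval($_POST['mod_group']) : 0;

                 // Every failed check ends the request explicitly. $SF->error() is defined outside
                 // this file; the exit keeps validation fail-closed whether or not it halts by itself.

                 // The logged-in administrator may not pick their own account
                 if ($member_row['id'] == $new_mod_member_id)
                 {
                     $SF->error('خطأ , لقد قمت بتسجيل دخولك بهذا الاسم');
                     exit;
                 }

                 // A section must be chosen
                 if ($new_mod_section_id == 0)
                 {
                     $SF->error('يرجى اختيار المنتدى');
                     exit;
                 }

                 // A group must be chosen
                 if ($new_mod_group_id == 0)
                 {
                     $SF->error('يرجى اختيار المجموعه');
                     exit;
                 }

                 // Refuse a second assignment of the same member to the same section
                 $check_dublicated_mods = $DB->sql_query("SELECT * FROM " . $db_prefix . "sectionadmin WHERE member_id = '" . $new_mod_member_id . "' AND section_id = '" . $new_mod_section_id . "'");
                 $check_dublicated_mods_num = $DB->sql_num_rows($check_dublicated_mods);

                 if ($check_dublicated_mods_num > 0)
                 {
                     $SF->error('تم إضافة هذا المشرف مسبقاً على هذا القسم');
                     exit;
                 }

                 // The member id must exist
                 $getmemberid_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE id='" . $new_mod_member_id . "'");
                 $getmemberid_row   = $DB->sql_fetch_array($getmemberid_query);

                 $getmemberid_num = $DB->sql_num_rows($getmemberid_query);
                 if ($getmemberid_num == 0)
                 {
                     $SF->error('رقم عضوية خاطئة');
                     exit;
                 }

                 // The id comes back from the database; casting it keeps the queries below integer-only
                 $memberid = intval($getmemberid_row['id']);

                 // NOTE(review): the id column receives the quoted string 'NULL', not SQL NULL; whether
                 // that yields a generated id depends on the table definition and SQL mode — confirm.
                 $insert  = $DB->sql_query("INSERT INTO " . $db_prefix . "sectionadmin(id,section_id,member_id,username) VALUES('NULL','" . $new_mod_section_id . "','" . $memberid . "','" . $SF->SafeSQL($getmemberid_row['username']) . "')");

                 // Members whose usergroup is 1 keep their group; everyone else is moved into the chosen group
                 if ($getmemberid_row['usergroup'] != 1)
                 {
                     $update  = $DB->sql_query("UPDATE " . $db_prefix . "member SET usergroup='" . $new_mod_group_id . "' WHERE id='" . $memberid . "'");

                     // This overwrites the $groupper_row that the permission check at the top of the file reads
                     $groupper_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE id='" . $new_mod_group_id . "'");
                     $groupper_row   = $DB->sql_fetch_array($groupper_query);

                     // username_style is split around the [username] placeholder; a style without the
                     // placeholder has no second part, so the suffix falls back to an empty string
                     $username_wstyle = explode('[username]',$groupper_row['username_style']);
                     $style_suffix    = isset($username_wstyle[1]) ? $username_wstyle[1] : '';
                     // NOTE(review): this value is escaped with addslashes() while the other strings in
                     // this file go through $SF->SafeSQL(); confirm addslashes() is adequate for this connection.
                     $style_username  = addslashes($username_wstyle[0] . htmlspecialchars($getmemberid_row['username']) . $style_suffix);

                     $update_today  = $DB->sql_query("UPDATE " . $db_prefix . "today SET username_style='" . $style_username . "' WHERE user_id='" . $memberid . "'");

                 }

                 // Optional: give the member a "moderator of <section title>" user title
                 if (isset($_POST['D3']) and $_POST['D3'] == 1)
                 {
                     $section_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE id='" . $new_mod_section_id . "'");
                     $section_row   = $DB->sql_fetch_array($section_query);

                     $title = 'مشرف ' . $SF->SafeSQL($section_row['title']);
                     $update = $DB->sql_query("UPDATE " . $db_prefix . "member SET user_title='$title' WHERE id='" . $memberid . "'");
                 }

                 if ($insert)
                 {
                     // Only the result of the second refresh call decides whether success is reported
                     $updateforums  =  $SF->UpdateForumsArray();
                     $updateforums  =  $SF->UpdateSubForums();

                     if ($updateforums)
                     {
                         $SF->msg('تم اضافة المشرف بنجاح !');
                         $SF->go_to('admin.php?main=1',2);
                     }
                 }
             }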
         }

// **  **

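         // Moderators overview (admin.php?main=1): lists every section that has at least one
         // sectionadmin row. The query takes no request input.
         if ($_GET['main'] == 1)
         {
             // The WHERE clause repeats the join condition, so sections without a sectionadmin row drop out
             $adminsection_query = $DB->sql_query("SELECT DISTINCT " . $db_prefix . "section.* FROM " . $db_prefix . "section
                                                   LEFT JOIN " . $db_prefix . "sectionadmin ON (" . $db_prefix . "section.id = " . $db_prefix . "sectionadmin.section_id)
                                                   WHERE " . $db_prefix . "section.id = " . $db_prefix . "sectionadmin.section_id
                                                   ORDER BY " . $db_prefix . "section.id DESC");

             $adminsection_rows = array();
             while ($adminsection_row = $DB->sql_fetch_array($adminsection_query))
             {
                 $adminsection_rows[] = $adminsection_row;
             }
             // Assigned once, after the loop, so the template variable also exists when no section has a moderator
             $Smarty->assign('adminsection_rows',$adminsection_rows);

             $SF->Make_cplink_path('المشرفين');
             $Smarty->display('admin_main.tpl');
         }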

// **  **

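         // List the moderators of one section (admin.php?show_admin=1&index=1&id=<section id>).
         if ($_GET['show_admin'] == 1)
         {
             if ($_GET['index'] == 1)
             {
                 // The section id is cast to int before it reaches the query and the template
                 $id = intval($_GET['id']);

                 $memberinfo_query = $DB->sql_query("SELECT " . $db_prefix . "member.* FROM " . $db_prefix . "member AS " . $db_prefix . "member
                                                     LEFT JOIN " . $db_prefix . "sectionadmin ON (" . $db_prefix . "member.id = " . $db_prefix . "sectionadmin.member_id)
                                                     WHERE " . $db_prefix . "sectionadmin.section_id = '$id'");

                 $memberinfo_rows = array();
                 while ($memberinfo_row = $DB->sql_fetch_array($memberinfo_query))
                 {
                     $memberinfo_rows[] = $memberinfo_row;
                 }
                 // Assigned once, after the loop, so the template variable also exists for a section without moderators
                 $Smarty->assign('memberlist_row',$memberinfo_rows);

                 $SF->Make_cplink_path('<a href="admin.php?main=1">المشرفين</a> -> قائمة المشرفين');

                 // Reuse the value that was already cast instead of reading the request again
                 $Smarty->assign('s_id',$id);
                 $Smarty->assign('admin',1);
                 // NOTE(review): complete member rows (member.*) are handed to memberlist.tpl; which
                 // columns it prints, and how it escapes them, is not visible from this file.
                 $Smarty->display('memberlist.tpl');
             }
         }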

// **  **

         if ($_GET['edit'] == 1)
         {
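             // Render the edit form for one moderator assignment
             // (admin.php?edit=1&index=1&id=<member id>&section_id=<section id>).
             if ($_GET['index'] == 1)
             {
                 // Both identifiers are cast to int; only the cast values are used below
                 $id  = intval($_GET['id']);
                 $sid = intval($_GET['section_id']);

                 $memberinfo_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE id='" . $id . "'");
                 $section_query    = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE id='" . $sid . "'");
                 $sections_query   = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE main_section<>'1'");

                 $memberinfo_row   = $DB->sql_fetch_array($memberinfo_query);
                 $section_row      = $DB->sql_fetch_array($section_query);

                 $sections_rows = array();
                 while ($sections_row = $DB->sql_fetch_array($sections_query))
                 {
                     $sections_rows[] = $sections_row;
                 }
                 // Assigned once, after the loop, so the template variable also exists when the query returns no rows
                 $Smarty->assign('sections_rows',$sections_rows);

                 // The breadcrumb is emitted as markup, so the section id placed in the href must be the
                 // integer-cast $sid. The raw $_GET['section_id'] that used to be concatenated here
                 // allowed request-supplied markup into the control-panel page.
                 $SF->Make_cplink_path("<a href='admin.php?main=1'>المشرفين</a> -> <a href='admin.php?show_admin=1&index=1&id=" . $sid . "'>قائمة المشرفين</a> -> تحرير المشرف : " . htmlspecialchars($memberinfo_row['username']) . "");

                 $Smarty->assign_by_ref('memberinfo_row',$memberinfo_row);
                 $Smarty->assign_by_ref('section_row',$section_row);
                 // NOTE(review): after the loop above $sections_row holds the fetch result that ended it,
                 // not a section row; confirm admin_edit.tpl needs 'sections_row' and not only 'sections_rows'.
                 $Smarty->assign_by_ref('sections_row',$sections_row);

                 $Smarty->assign('id',$id);
                 $Smarty->assign('sid',$sid);

                 $Smarty->display('admin_edit.tpl');
             }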

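             // Apply the edit form (admin.php?edit=1&start=1&uid=<member id>&sid=<section id>).
             // POST D3 == 1 removes the member from section sid; POST D3 == 0 (or absent) moves the
             // assignment to the section given in POST D2.
             // NOTE(review): nothing in this handler checks an anti-CSRF token or the request method,
             // so these changes rely on whatever common.php enforces — confirm.
             if ($_GET['start'] == 1)
             {
                 if (isset($_POST['D3']) and $_POST['D3'] == 1)
                 {
                     $member_id  = intval($_GET['uid']);
                     $section_id = intval($_GET['sid']);

                     $del = $DB->sql_query("DELETE FROM " . $db_prefix . "sectionadmin WHERE member_id='" . $member_id . "' AND section_id='" . $section_id . "'");

                     // When the member moderates no other section, the member row is put back into group '4'
                     $getsection_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "sectionadmin WHERE member_id='" . $member_id . "'");
                     $getsection_num   = $DB->sql_num_rows($getsection_query);

                     if ($getsection_num <= 0)
                     {
                         // NOTE(review): the add handler in this file leaves members whose usergroup is 1
                         // untouched; this reset makes no such exception — confirm that is intended.
                         $ainsert = $DB->sql_query("UPDATE " . $db_prefix . "member SET usergroup='4' WHERE id='" . $member_id . "'");
                     }

                     if ($del)
                     {
                         // Only the result of the second refresh call decides whether success is reported
                         $updateforums  =  $SF->UpdateForumsArray();
                         $updateforums  =  $SF->UpdateSubForums();
                         if ($updateforums)
                         {
                             $SF->msg('تم ازالته من الاشراف بنجاح !');
                             $SF->go_to('admin.php?main=1',2);
                         }
                     }
                 }

                 if (!isset($_POST['D3']) or $_POST['D3'] == 0)
                 {
                     // Reject a missing or zero target section, as the add handler does. Without this
                     // check a request that carries no form data rewrote the assignment to section_id 0.
                     $target_section_id = isset($_POST['D2']) ? intval($_POST['D2']) : 0;
                     if ($target_section_id == 0)
                     {
                         $SF->error('يرجى اختيار المنتدى');
                         // $SF->error() is defined outside this file; the exit keeps the check fail-closed
                         exit;
                     }

                     // NOTE(review): unlike the add handler, nothing here checks whether the member
                     // already moderates the target section.
                     $update = $DB->sql_query("UPDATE " . $db_prefix . "sectionadmin SET section_id='" . $target_section_id . "' WHERE member_id='" . intval($_GET['uid']) . "' AND section_id='" . intval($_GET['sid']) . "'");
                     if ($update)
                     {
                         $updateforums  =  $SF->UpdateForumsArray();
                         $updateforums  =  $SF->UpdateSubForums();
                         if ($updateforums)
                         {
                             $SF->msg('تم التحديث بنجاح !');
                             $SF->go_to('admin.php?main=1',2);
                         }
                     }
                 }
             }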
         }

// **  **
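         // Remove a moderator (admin.php?del=1&step=<1|2>&id=<member id>&section_id=<section id>).
         // Step 1 prints a confirmation form, step 2 performs the deletion when the form's
         // "yes" button was posted.
         if ($_GET['del'] == 1)
         {
             // Both identifiers are cast to int before they are echoed into the form or used in SQL
             $id  = intval($_GET['id']);
             $sid = intval($_GET['section_id']);
             if ($_GET['step'] == 1)
             {
                 // NOTE(review): the confirmation form carries no anti-CSRF token, so step 2 cannot
                 // tell a submission of this form from any other POST that includes "yes".
                 $SF->html('<div align="center" dir="rtl">');
                 $SF->html('<p>هل أنت متأكد من أنك تريد إزالة المشرف من إشرافه؟</p>');
                 $SF->html('<form action="admin.php?del=1&step=2&id=' . $id . '&section_id=' . $sid . '" method="post">
                            <input type="submit" name="yes" value="نعم" style="font-family: Tahoma; font-size: 8pt" dir="rtl">
                            <input type="submit" name="no" value="لا" style="font-family: Tahoma; font-size: 8pt" dir="rtl" onclick="history.back(1); return false;">
                            </form>');
                 $SF->html('</div>');
             }

             if ($_GET['step'] == 2)
             {
                 // !empty() keeps the same truthiness test without reading an undefined index
                 // when step 2 is requested without the confirmation field
                 if (!empty($_POST['yes']))
                 {
                     $del_moderator = $DB->sql_query("DELETE FROM " . $db_prefix . "sectionadmin WHERE member_id = '" . $id . "' AND section_id = '" . $sid . "'");
                     // The second statement removes every remaining assignment of the member, in all sections
                     $del_mod = $DB->sql_query("DELETE FROM " . $db_prefix . "sectionadmin WHERE member_id = '" . $id . "'");
                     // NOTE(review): the member's usergroup is left unchanged here, whereas the edit
                     // handler's removal path sets usergroup='4' once no assignment remains — confirm
                     // whether the member should keep the moderator group after this deletion.
                     $SF->UpdateForumsArray();
                     $SF->UpdateSubForums();

                     // Success is judged by the first DELETE's query result only
                     if ($del_moderator)
                     {
                         $SF->msg('تم حذف المشرف بنجاح');
                         $SF->go_to('admin.php?main=1',2);
                     }
                     else
                     {
                         $SF->error('المعذره العضو المطلوب غير موجود !');
                     }
                 }
             }
         }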
// **  **

    }

?>